Tag
bitcoin

This blog post was inspired by a recent long conversation with Jay, Nicola, and Jesse about value in blockchains. In a previous post, Dillon and I explored the concept of merging blockchains. In light of this, I'd like to explore another concept in blockchains: hostile chain takeovers.

For context, most proof-of-work based cryptocurrencies (being the vast majority of them right now) have miners competing for block rewards, awarded proportionally to the amount of computational power they bring to the network. Networks like Bitcoin are some of the most profitable to mine, because of the substantial competition on the network, in part due to the recent value appreciation Bitcoin has gone through (yes it's down from ATH, but still 10x on the year ;))

This reminded me of the earlier days of Bitcoin – if you wanted to add new consensus-breaking functionality without a sidechain, you would clone or fork Bitcoin with new rules. Muneeb Ali previously worked on Namecoin, a human-readable naming system, forked from the Bitcoin blockchain. A few years later, he revealed that one mining pool controlled nearly 60-70% of the hash rate of the Namecoin network, breaking network security guarantees [0]. While that mining pool didn't do anything malicious, it showed that bootstrapping a proof-of-work blockchain from scratch is *really* difficult (and one of the reasons why Ethereum started).

And this doesn't just happen to less secure altcoins – it's happened to Bitcoin as well! In 2014, GHash.io controlled 51% of Bitcoin's network power [1], causing a worldwide scare and panic, and while they didn't do anything malicious, they definitely had the potential to. The incentive to take over the network at the time was limited to none, given if the price crash, GHash.io's expected return would be minimized.

Keep in mind, this can also happen on proof-of-stake based consensus systems – they also suffer from the same network value bootstrapping problem. PoS systems such as Casper and Tendermint have designed incentives to prevent forking in the network (whether this is good or bad). However, systems like these don't require the need for cheap electricity and commodity hardware, potentially amplifying the security (or lack thereof) by directly attaching security costs to the market price of the underlying commodity (on this note, good criticisms on PoS from Mark Wilcox [2] and Paul Storzc [3] that I recommend).

Long story short, all these events have shown that it's possible to take over blockchain networks for potentially malicious reasons, and there may be a couple of reasons for doing as so.

Motives/Attacks

Why would anyone want to take over/break a blockchain? I envision a couple of reasons:

Goldfinger Attacks: Some people just wanna see the world burn (see "On hostile blockchain takeovers" [4])

Governance Takeovers: An imbalance in incentives lead to the Great Bitcoin Scaling Debate of 2015-2017. Different groups of actors in the system (various miners, users, wallets, etc.) wanted to control governance of the protocol to limit/move forward an upgrade. This could happen even more in the future as various blockchains stop being maintained.

Competitive Chains: Chains that solve similar usecases will ultimately compete for developers, users, investors to determine value. If incentives become perverse enough (as money tends to), we could see more attacks

Forking from Middlemen: Things like founder rewards, ICOs, premines, etc. will often create an incentive for the community to fork away, if they think the value distributed away from the network isn't worth the value brought in by the developer team

Traditional Attacks: Layer this on top of all the traditional blockchain attacks researchers have discovered the past several years. These include bribery attacks, selfish mining attacks, etc.

How chain takeovers materialize

Infinite forking

Drop difficulty, market token, confuse users

Litecoin Silver? Litecoin Cash? lol

Find small chains with lower hash rate, and take over 51% of the network

This works by either commisioning enough hardware (even easier with ASIC-resistant blockchains) or money to control voting

attempt both soft and hard forks, see what miners stick with

Attempt double spends

Rally a community that wants change (politics!!!)

There are a ton of projects that haven't had code changes in a while. However, these networks still have value resting upon them, and shareholders that want to increase value -> hostile chain takeover time (doesn't necessarily need to be hostile, but it often is)

This can probably be used to pump prices (but for the love of god, please don't. This ecosystem is already crazy enough...)

Raise money to fund a rogue crack developer team to continue development on a chain, whether its abandoned or not

Accelerating Evolution Through Forking [5]

Often there's a rent premium in certain networks (as mentioned earlier), and more idealogical users don't like the idea of that

Introduce some black swan event

This one is implied, but often happens more than you'd think

Example: Sia team introducing new ASIC for the community, then Bitmain bring a much more powerful alternative, ruining early fixed economics for early adopters, and community largely (and brings up moral questions) [6]

For most small currencies, it's probably fairly trivial to point some computational power at the currency, and take it over, destroying the value of the underlying coins. This also brings up a larger meta question – do miners have too much power? I'll leave you with two posts ([7] [8]) that explores this question further!

Disclaimer: I'm not responsible for your blockchain breaking or getting taken over because you didn't think about security enough :). As always, this should NOT be taken as investment advice or recommendations. Finally, this post does not represent the views of my employer, Polychain Capital.